EventsEvents
|
|
In addition to integration with the Windows NT native Event Viewer utility, Hyena also incorporates its own event viewing mechanism. The event log for a server or workstation can be accessed several different ways:
By double-clicking or
right clicking on the Events object under any computer displayed in the left
tree window.
By expanding the Events object (clicking on the
'plus' sign next to Events) and selecting the event log to view.
By selecting one or more
computers in the right list window, right clicking, and then selecting
the View Events option.
By selecting a computer
in the left tree window, right clicking, and then selecting the View Events option.
Selecting
the Event Viewer option from Hyena's
popup context menu will run the native Windows NT event viewer (Eventvwr.exe)
for the selected computer. Selecting the View
Events option or double-clicking on the Events object will display
Hyena's event viewer dialog. The remainder of this help section describes
the options available when using Hyena's integrated event viewing options.
To view the details of a specific event, simply double-click an event. The event properties window will display all of the event details, and allow going to the previous/next event.
Event Viewing Options
Event Log – Select the event log(s) to view. Hyena's event viewer supports all of Window's event logs. Multiple logs can be viewed as well.
Event Order – Select whether to view the oldest or newest events first, that is, either in forward or reverse chronological order.
Date Range - Select the beginning and ending dates (or all event dates)
Note:
When any of the filtering options are enabled or if more than one event
log is viewed, Hyena will retrieve ALL of the events from the selected
computer(s)
and evaluate them against the filter criteria. This will result in some
additional event processing time. When no filter criteria has been entered,
Hyena will only retrieve a small block of events to improve performance.
However, if any of the display columns are sorted on, the remaining events
will be retrieved automatically in order to perform the sort operation.
Leave the filter fields blank to retrieve all events.
When
events are filtered, the title bar of the list window will contain the
word "(filtered)".
Event ID(s) – Enter the event ID(s) to filter against. If multiple event Ids are needed, separate them with commas (“,”). To only show events with the filter ID(s) entered, select the option "Only show these events". To show events other than the event ID(s) entered, select the "Exclude these events" option.
Source – Enter the source name for the event.
User/Group Name – Enter the user or group name. The entered user or group must match what would normally be displayed in the event view window, including the preceding domain name, for example, “Domain Name\Administrator”.
Description – Enter the characters to search in the description field. If this option is disabled, see the information below concerning “Event Description Handling”.
Event Types – Enter the event type(s) to filter for, if desired. Select ALL of the event types to disable event type filtering.
Due to how
the event reporting mechanism is implemented in Windows, a lot of intensive
processing is required to actually create the event description field.
By default, Hyena will not display the event description until the event’s
properties are viewed (by double clicking on the event). However, Hyena
can be configured to display the event description for all events in the
list window, by adding the Description column to the list of display fields.
This is done by selecting Tools->Settings->Display
on the menu, and adding the Description field to the list of event fields
to display. This will also enable the option to filter by event description.
However, when the description field is enabled for the list window, note
that there can be a significant reduction in performance when viewing
the events. Use individual preference for performance vs. the advantage
of seeing all of the event information at one time, when determining whether
to enable this option.
Viewing Events on Multiple Computers
Events can be viewed and filtered for multiple computers at the same time. To do this, first display the computers in the list window. Then, select the desired computers, right click, and select Events from the context menu. Options for filtering, etc are identical to those available when viewing the events for a single computer.
Sorting and Viewing Event Information
Event information is displayed in Hyena's list window. Events can be sorted by simply clicking on any column header. To view the event detail information, including the description, simply double click on the event. The event view can be customized under the Tools->Settings->Display dialog.
Opening and Backing Up Event Logs
Selecting the Open Log File... option will allow selecting and viewing an existing saved event log file. Since Windows does not store the event log type into the event log file, selection of the event log type is required to properly format the event log messages. The current list of event log types is chosen from the local computer, however, anything can be manually entered into the event log type. This information is only used to construct the event log message. Hyena also supports entry of multiple event logs. For proper formatting of the event log message, when opening multiple event logs, they should be the same type (ie application, system, etc.)
Selecting Backup Event Log... permits saving a selected event log to an external file.